Add Nonce, Tag sizes to Aead Traits #489

Closed
theory opened this issue Jan 25, 2021 · 5 comments · Fixed by #508

@theory

theory commented Jan 25, 2021

I've been experimenting with the AEAD implementations, such as chacha20poly1305, by creating a vector of the appropriate size and putting the nonce, ciphertext, and tag into it. However, it's tricky to do this if one does not know the nonce or tag size until runtime, for example when giving the user the choice of AEADs. Would the project be receptive to adding a trait such as this to the implemented AEADs?

```rust
// `to_usize()` comes from typenum's `Unsigned` trait.
use generic_array::{typenum::Unsigned, ArrayLength};

trait SealSize {
    /// The length of a nonce.
    type NonceSize: ArrayLength<u8>;

    /// The length of the tag.
    type TagSize: ArrayLength<u8>;

    fn nonce_size() -> usize {
        Self::NonceSize::to_usize()
    }
    fn tag_size() -> usize {
        Self::TagSize::to_usize()
    }
}
```

That would enable one to create the appropriate-sized buffers in, say, a blanket implementation such as:

```rust
// `fill()` comes from rand's `Rng` trait.
use rand::Rng;

impl<D: Aead + SealSize> Seal for D {
    fn seal(&self, msg: &[u8], aad: &[u8]) -> Result<Vec<u8>> {
        // Generate a nonce.
        let mut nonce = vec![0u8; Self::nonce_size()];
        rand::thread_rng().fill(&mut nonce[..]);
        // ...
    }
}
```

@newpavlov
Member

We have a similar method in the Digest trait, so personally I am not against the addition of such methods to the existing traits (though I prefer to use Self::NonceSize::USIZE instead). But note that such methods will probably be removed after migration to const generics.

It may also be worth considering the addition of an object-safe trait similar to DynDigest.
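
The following is an added example, not part of the original thread and not the `aead` crate's code: a std-only sketch of the runtime-selection case raised above, pairing compile-time sizes with an object-safe view and using them to size and split a `nonce || ciphertext || tag` buffer with length checks. All trait, type and function names are hypothetical, and associated consts stand in for the typenum lengths the crate uses.

```rust
// Added illustration, std-only, no real cipher; every name is hypothetical.

/// Compile-time sizes; associated consts stand in for typenum lengths.
trait SealSize {
    const NONCE_SIZE: usize;
    const TAG_SIZE: usize;
}
/// Object-safe view of the same sizes, usable behind `dyn`.
trait DynSealSize {
    fn nonce_size(&self) -> usize;
    fn tag_size(&self) -> usize;
}
impl<T: SealSize> DynSealSize for T {
    fn nonce_size(&self) -> usize { T::NONCE_SIZE }
    fn tag_size(&self) -> usize { T::TAG_SIZE }
}

// Size-only markers; byte counts are the algorithms' standard parameters.
struct ChaCha20Poly1305Sizes;
struct XChaCha20Poly1305Sizes;
impl SealSize for ChaCha20Poly1305Sizes { const NONCE_SIZE: usize = 12; const TAG_SIZE: usize = 16; }
impl SealSize for XChaCha20Poly1305Sizes { const NONCE_SIZE: usize = 24; const TAG_SIZE: usize = 16; }

/// Runtime choice of algorithm, as when the user picks the AEAD.
fn sizes_for(name: &str) -> Option<Box<dyn DynSealSize>> {
    match name {
        "chacha20poly1305" => Some(Box::new(ChaCha20Poly1305Sizes)),
        "xchacha20poly1305" => Some(Box::new(XChaCha20Poly1305Sizes)),
        _ => None,
    }
}

/// Buffer length for nonce || ciphertext || tag; None on overflow.
fn sealed_len(s: &dyn DynSealSize, msg_len: usize) -> Option<usize> {
    s.nonce_size().checked_add(msg_len)?.checked_add(s.tag_size())
}

/// Split a sealed buffer into (nonce, ciphertext, tag); None if it is too short.
fn split_sealed<'a>(s: &dyn DynSealSize, buf: &'a [u8]) -> Option<(&'a [u8], &'a [u8], &'a [u8])> {
    let body_len = buf.len().checked_sub(s.nonce_size())?.checked_sub(s.tag_size())?;
    let (nonce, rest) = buf.split_at(s.nonce_size());
    let (ct, tag) = rest.split_at(body_len);
    Some((nonce, ct, tag))
}

fn main() {
    let s = sizes_for("xchacha20poly1305").expect("known name");
    println!("{:?}", sealed_len(&*s, 5)); // Some(45)
}
```

Rejecting a buffer shorter than nonce plus tag before slicing keeps a truncated or attacker-supplied input from causing a panic on the split.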

@theory
Author

theory commented Jan 25, 2021

Is there a design document for const generics? Curious what that looks like.

@newpavlov
Member

Are you asking about RFC 2000? Its MVP version has already been stabilized and will be available in Rust 1.51, but unfortunately it's not sufficient for our needs (most notably due to this issue), so migration will be further in the future.

@tarcieri
Member

tarcieri commented Jan 25, 2021

I was planning a refactor of the aead traits which accomplishes some of these goals for the next release.

Right now several of the traits (Aead, AeadMut, AeadInPlace, AeadInPlaceMut) all define associated types for NonceSize, TagSize, and CiphertextOverhead, which means types like Nonce and Tag can't be defined in such a way that they work across all of these traits (compare to Key, which is defined in terms of NewAead).

I'd like to extract the sizes onto a new trait (I was thinking AeadCore), and bound all of the other traits on such a supertrait.

That's all perhaps orthogonal to things like helper methods for computing a usize, but perhaps addresses some of your concerns.

Edit: opened #508

@theory
Author

theory commented Jan 28, 2021

Refactoring to allow Nonce and Tag to work across all the traits (without the need for special cases like XNonce) would be super handy.
